Chapter 25 IPSec VPN
ZyWALL USG 100/200 Series User’s Guide
517
Each kind of translation is explained below. The following example is used to help
explain each one.
Figure 369 VPN Example: NAT for Inbound and Outbound Traffic
Source Address in Outbound Packets (Outbound Traffic, Source NAT)
This translation lets the ZyWALL route packets from computers that are not part of
the specified local network (local policy) through the IPSec SA. For example, in
Figure 369 on page 517, you have to configure this kind of translation if you want
computer M to establish a connection with any computer in the remote network
(B). If you do not configure it, the remote IPSec router may not route messages
for computer M through the IPSec SA because computer M’s IP address is not part
of its local policy.
To set up this NAT, you have to specify the following information:
• Source - the original source address; most likely, computer M’s network.
• Destination - the original destination address; the remote network (B).
• SNAT - the translated source address; the local network (A).
Source Address in Inbound Packets (Inbound Traffic, Source NAT)
You can set up this translation if you want to change the source address of
computers in the remote network. To set up this NAT, you have to specify the
following information:
• Source - the original source address; the remote network (B).
• Destination - the original destination address; the local network (A).
To Next Page
Loading...
